OTL logfile created on: 11/30/2011 7:04:35 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 510.48 Mb Total Physical Memory | 26.20 Mb Available Physical Memory | 5.13% Memory free 1.64 Gb Paging File | 0.78 Gb Available in Paging File | 47.47% Paging File free Paging file location(s): C:\pagefile.sys 1200 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 104.71 Gb Total Space | 63.58 Gb Free Space | 60.71% Space Free | Partition Type: NTFS Drive D: | 7.05 Gb Total Space | 0.37 Gb Free Space | 5.25% Space Free | Partition Type: FAT32 Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/11/30 19:00:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe PRC - [2010/05/23 00:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe PRC - [2009/12/08 12:38:16 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7617\Webshots.scr PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/05/19 14:49:03 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2006/06/20 22:44:04 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxcvdrpp.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService) SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe -- (N360) SRV - [2010/05/23 00:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe -- (NSL) SRV - [2010/01/25 16:07:02 | 000,041,272 | ---- | M] (SentryBay) [Disabled | Stopped] -- C:\Program Files\SentryBay\sbupdate.exe -- (sbupdate) SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/03/18 12:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Disabled | Stopped] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007/10/18 19:23:42 | 000,547,352 | R--- | M] (Sana Security) [Disabled | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\Bin\SanaSafeConnectWatcher.exe -- (SanaSafeConnectWatcher) SRV - [2007/10/18 19:23:38 | 005,218,328 | R--- | M] (Sana Security) [Disabled | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\Bin\SanaAgent.exe -- (SanaSafeConnectAgent) SRV - [2006/06/21 10:56:58 | 000,528,384 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\lxcvcoms.exe -- (lxcv_device) SRV - [2005/09/29 14:55:38 | 000,069,632 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\FreezeScreenSaver.exe -- (FreezeScreenSaver) SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/11/14 14:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111123.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2011/11/09 03:33:14 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011/11/09 03:33:13 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2011/09/13 20:03:53 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111130.002\NAVEX15.SYS -- (NAVEX15) DRV - [2011/09/13 20:03:53 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111130.002\NAVENG.SYS -- (NAVENG) DRV - [2011/08/22 23:17:32 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20111129.030\IDSXpx86.sys -- (IDSxpx86) DRV - [2011/07/18 11:39:43 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2011/03/30 22:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP) DRV - [2011/03/30 22:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2011/03/21 19:39:49 | 000,369,784 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMTDI.SYS -- (SYMTDI) DRV - [2011/03/14 21:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA) DRV - [2011/01/27 01:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS) DRV - [2011/01/27 00:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON) DRV - [2010/07/27 04:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2010/07/27 04:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2009/12/25 18:26:30 | 006,039,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_XP) DRV - [2008/03/21 12:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007/10/18 19:24:02 | 000,160,280 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\driver\platform_XP\SafeConnectDriver.sys -- (SanaSafeConnectDriver) DRV - [2007/10/18 19:24:02 | 000,027,312 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\driver\platform_XP\SafeConnectShim.sys -- (SanaSafeConnectShim) DRV - [2007/10/18 19:24:00 | 000,030,232 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files\Suze Orman\Identity Theft Kit\agent\driver\platform_XP\SafeConnectFilter.sys -- (SanaSafeConnectFilter) DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem) DRV - [2006/08/02 10:45:32 | 000,114,560 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr7910.sys -- (mr7910) DRV - [2005/02/22 18:36:04 | 000,986,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004/08/03 09:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C) DRV - [2001/10/01 14:29:22 | 000,006,144 | ---- | M] (Ravisent Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p=" FF - prefs.js..browser.search.selectedEngine: "Yahoo!" FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..extensions.enabledItems: phishlock@sentrybay.com:3.1.0.3799 FF - prefs.js..extensions.enabledItems: {8bc5b5eb-0ec4-46ed-a024-ace8a3032888}:4.2.3.5 FF - prefs.js..extensions.enabledItems: sss@sentrybay.com:4.2.0.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\Software\MozillaPlugins\@ei.Guffins.com/Plugin: C:\Program Files\GuffinsEI\Installr\1.bin\NPu4EISB.dll (Guffins) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_3_6 [2011/11/30 10:06:56 | 000,000,000 | ---D | M] [2009/07/26 17:02:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions [2009/07/26 17:02:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org [2011/02/12 12:47:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\extensions [2009/08/02 09:44:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011/06/21 09:03:41 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} [2009/03/31 11:29:41 | 000,002,139 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\t7w0we3q.default\searchplugins\MyStart Search.xml File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\COFFPLGN File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPLGN [2009/06/09 20:01:52 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/02/06 13:31:03 | 000,000,000 | ---D | M] (Secure Browse) -- C:\PROGRAM FILES\SENTRYBAY\PHISHLOCK\FFEXT [2010/02/06 13:31:03 | 000,000,000 | ---D | M] (Suze Orman Website Checker) -- C:\PROGRAM FILES\SENTRYBAY\PHISHLOCK\PHISHTANKSITECHECKER [2010/02/06 13:31:02 | 000,000,000 | ---D | M] (Suze Orman) -- C:\PROGRAM FILES\SENTRYBAY\SECURE BROWSE\TOOLBAR\FFEXT [2009/09/09 09:44:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Search the Web () CHR - default_search_provider: search_url = http://search.imgag.com/?appid=wsdt&component=&c=GNWSO38311&sbs=2&sc=2&f=web&vernum=3.1.5.7617&uid=323805679_78087714&did=%7bb854aa81-eaa3-403b-8f02-d04d95757fb6%7d&q={searchTerms} CHR - default_search_provider: suggest_url = O1 HOSTS File: ([2009/07/13 10:59:41 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.) O2 - BHO: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found. O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (no name) - {C26CD490-5F01-41E3-B150-EB29F19DA056} - No CLSID value found. O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc) O2 - BHO: (Secure Browse) - {ff507020-a257-4527-a222-b6f5732e55ee} - C:\Program Files\SentryBay\PhishLock\plbho.dll (SentryBay) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Suze Orman) - {e7d4a654-4204-491a-8d4d-227d48fd3626} - C:\Program Files\SentryBay\Secure Browse\toolbar\ieext.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-95BA-ED6DB186BE32} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [LXCVCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCVtime.DLL (Lexmark International Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [SpeedItUpEX] C:\Program Files\SpeedItup Free\SpeedItUp.exe -MINI File not found O4 - HKLM..\RunOnceEx: [] File not found O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7617\Launcher.exe (Webshots.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80443072-5384-4D29-A197-604ECE8884D8}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8881395D-A056-408B-9FFA-83B9237B1CB3}: DhcpNameServer = 192.168.1.254 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/12/04 18:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/11/30 19:00:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe [2011/11/30 18:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\GuffinsEI [2011/11/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\ShopAtHome [2008/11/18 18:20:53 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvinpa.dll [2008/11/18 18:20:53 | 000,393,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcviesc.dll [2008/11/18 18:20:52 | 000,983,040 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvusb1.dll [2008/11/18 18:20:51 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvserv.dll [2008/11/18 18:20:50 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvprox.dll [2008/11/18 18:20:49 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvpmui.dll [2008/11/18 18:20:49 | 000,528,384 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvlmpm.dll [2008/11/18 18:20:49 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvpplc.dll [2008/11/18 18:20:46 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvih.exe [2008/11/18 18:20:45 | 000,528,384 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcoms.exe [2008/11/18 18:20:44 | 000,667,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcomc.dll [2008/11/18 18:20:44 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcomm.dll [2008/11/18 18:20:44 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcvcfg.exe [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/11/30 19:00:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe [2011/11/30 10:08:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/11/30 10:06:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/11/30 10:06:08 | 535,351,296 | -HS- | M] () -- C:\hiberfil.sys [2011/11/29 15:20:43 | 000,014,650 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat [2011/11/09 14:07:26 | 000,528,534 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/11/09 14:07:26 | 000,107,032 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/11/09 03:05:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/11/08 21:19:16 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Microsoft Word.lnk [2011/11/02 12:13:31 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Webshots.lnk [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/07/13 13:36:08 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2010/10/14 18:49:54 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2010/06/02 08:34:15 | 000,162,047 | ---- | C] () -- C:\WINDOWS\My Medical History 2010 Free Uninstaller.exe [2010/05/04 10:51:57 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010/02/12 16:28:54 | 000,113,167 | ---- | C] () -- C:\WINDOWS\hpoins07.dat [2010/02/12 16:28:54 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat [2009/08/06 18:51:56 | 000,000,029 | ---- | C] () -- C:\WINDOWS\popcinfot.dat [2009/07/06 13:58:19 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2009/03/17 07:19:25 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2008/12/29 09:48:27 | 000,000,207 | ---- | C] () -- C:\WINDOWS\acez3dfireplace.ini [2008/12/27 08:58:59 | 000,000,065 | ---- | C] () -- C:\WINDOWS\marscam.ini [2008/11/18 18:21:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcvvs.dll [2008/11/18 18:21:43 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\lxcvcoin.dll [2008/11/18 18:20:54 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCVinst.dll [2008/11/05 08:27:43 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\FreezeScreenSaver.exe [2008/10/26 12:04:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008/10/25 13:42:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2008/10/25 12:09:34 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01 [2008/03/03 13:14:48 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2008/03/03 12:54:52 | 000,000,073 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2007/10/15 17:24:03 | 000,000,074 | ---- | C] () -- C:\WINDOWS\acezhauntedhouse.ini [2007/08/10 09:20:34 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2007/08/10 09:20:17 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL [2007/08/10 09:19:34 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HydraFra.dll [2007/08/10 09:19:34 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraPtb.dll [2007/08/10 09:19:34 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraNln.dll [2007/08/10 09:19:34 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraIta.dll [2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraSvs.dll [2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraNon.dll [2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraFif.dll [2007/08/10 09:19:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraDad.dll [2007/08/10 09:19:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HydraJan.dll [2007/08/10 09:19:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\HydraKor.dll [2007/08/10 09:19:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZht.dll [2007/08/10 09:19:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZhs.dll [2007/08/10 09:19:34 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ViewHook.dll [2007/08/09 10:24:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI [2007/07/17 11:15:43 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/04/11 16:42:31 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007/03/04 18:44:04 | 000,014,650 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat [2006/11/26 17:51:41 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini [2006/11/12 12:41:29 | 000,028,672 | ---- | C] () -- C:\WINDOWS\vorbisfile.dll [2006/11/12 12:41:28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\vorbis.dll [2006/11/12 12:41:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\ogg.dll [2006/11/02 21:27:08 | 000,000,049 | ---- | C] () -- C:\WINDOWS\popcinfo.dat [2006/10/22 13:55:35 | 000,000,838 | ---- | C] () -- C:\WINDOWS\sshot.ini [2006/10/22 13:50:18 | 000,000,123 | ---- | C] () -- C:\WINDOWS\PTMAIL.INI [2006/10/22 13:50:18 | 000,000,069 | ---- | C] () -- C:\WINDOWS\Parsons.ini [2006/09/30 22:25:50 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll [2006/09/04 19:16:24 | 000,001,125 | ---- | C] () -- C:\WINDOWS\unins001.dat [2006/09/04 17:20:49 | 000,009,813 | ---- | C] () -- C:\WINDOWS\System32\_MSSETUP.EXE [2006/09/04 17:20:49 | 000,005,165 | ---- | C] () -- C:\WINDOWS\System32\_BOOTSTP.EXE [2006/09/04 17:00:05 | 000,000,640 | ---- | C] () -- C:\WINDOWS\lexstat.ini [2006/09/04 15:54:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat [2006/09/04 15:52:13 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll [2006/09/04 15:49:48 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll [2006/09/04 15:49:47 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll [2006/05/19 15:38:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/05/19 15:13:29 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys [2006/05/19 15:09:06 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe [2006/05/19 15:07:54 | 000,667,896 | ---- | C] () -- C:\WINDOWS\unins000.exe [2006/05/19 15:07:54 | 000,001,227 | ---- | C] () -- C:\WINDOWS\unins000.dat [2006/05/19 15:07:44 | 000,012,993 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS [2006/05/19 15:07:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll [2006/05/19 15:05:14 | 000,000,166 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI [2006/05/19 15:03:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/05/19 14:51:33 | 000,000,109 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006/05/19 14:49:52 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE [2006/05/19 14:49:52 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini [2006/05/19 14:44:32 | 000,095,822 | ---- | C] () -- C:\WINDOWS\hpqins69.dat [2006/05/19 14:43:06 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006/05/19 14:24:22 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini [2006/05/19 14:20:38 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll [2005/12/04 19:05:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2005/12/04 18:55:08 | 000,528,534 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2005/12/04 18:55:08 | 000,107,032 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2005/12/04 18:53:22 | 000,477,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005/12/04 18:50:02 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005/12/04 18:48:22 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005/01/18 15:05:36 | 000,079,320 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2004/08/03 23:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll [2004/08/03 23:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/03 23:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll [2004/08/03 23:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/03 23:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004/08/03 23:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll [2004/08/03 23:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll [2004/08/03 23:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll [2004/08/03 23:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/03 23:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/03 23:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/08/03 23:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004/08/03 23:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004/06/15 09:38:00 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2003/01/16 13:22:44 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL [2003/01/16 13:22:44 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL [2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/06/27 15:32:01 | 017,186,609 | ---- | C] () -- C:\WINDOWS\Key West and Florida Keys Screen Saver.dat [2001/08/23 10:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/23 10:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [1999/10/12 01:20:00 | 000,049,664 | ---- | C] () -- C:\WINDOWS\unins001.exe [1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/07/12 01:13:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\HSZlib.dll [color=#E56717]========== LOP Check ==========[/color] [2011/02/12 12:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\275D [2010/03/11 10:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi [2009/04/29 08:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T [2011/06/21 12:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BearShare [2006/11/02 18:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software [2010/01/22 10:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA [2010/01/22 11:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge [2009/02/28 19:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cozi [2010/01/18 14:38:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DataComm64 [2008/03/08 11:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2010/01/04 11:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier [2008/03/03 12:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP [2008/03/10 17:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamingSquared [2009/03/31 10:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM [2009/03/31 10:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail [2010/02/03 15:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JpegSizer [2009/09/10 07:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\old norton [2009/09/10 06:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\old sym [2011/08/30 14:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop [2009/07/08 08:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings [2009/08/06 18:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games [2007/03/22 19:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT [2011/08/22 13:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc [2010/01/04 13:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games [2010/11/01 08:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\StrataTicker [2010/01/30 11:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2011/06/20 22:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i [2008/11/17 19:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition) [2010/06/18 10:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2010/04/28 09:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipSE [2009/03/14 18:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2011/06/21 12:09:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{4B337C2B-E6F0-4B28-98E9-248E1772D7EA} [2010/03/12 10:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AGI [2009/03/14 19:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Anabel [2009/04/29 08:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AT&T [2011/06/21 09:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\bearsharemediabartb [2008/10/25 12:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Big Fish Games [2011/08/21 19:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DriverCure [2007/10/15 17:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\elefundesktops [2011/08/21 19:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ElevatedDiagnostics [2011/04/02 17:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\EmailNotifier [2006/09/05 13:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FUJIFILM [2007/06/23 11:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FunWebProducts [2009/01/21 14:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo [2006/11/15 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ICAClient [2011/11/01 08:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express [2007/02/01 20:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech [2011/11/09 14:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MP3Rocket [2006/09/30 09:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller [2010/01/06 10:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\myfreezetoolbar [2007/02/15 18:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Opera [2006/09/09 17:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PlayFirst [2009/08/06 18:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PopCapv1001 [2008/02/27 09:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart [2011/08/21 19:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpeedMaxPc [2010/01/04 14:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpinTop [2010/01/04 14:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpinTop Games [2007/04/08 11:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template [2009/12/13 18:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Tific [2009/03/28 21:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent [2006/10/22 12:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Webshots [2007/07/17 10:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinBatch [2010/01/17 20:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Windows Live Writer [2009/05/31 02:30:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job [2011/08/21 19:45:33 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedMaxPc Defrag.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90D89144 @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8F09BC2E @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:69B9AAE7 < End of report >